
Fresh Citadel Trojan Variant Attacking Payza Payment Processor

Security company Trusteer reports that a fresh strain of the Citadel Trojan is circulating online and attacking Payza, a world-renowned money-transfer facility used particularly in developing countries, where Internet service is reportedly limited.

Payza, a payment processor, describes itself to users as a gateway for their money to any place on the planet. It is based mainly in the UK, although it runs offices in far-off emerging cities, namely Mumbai, India; Solna, Sweden; and Dhaka, Bangladesh.

According to Etay Maor, a security expert at Trusteer, the new Trojan variant carries MitB (Man-in-the-Browser) code specific to Payza that targets two URLs: https://www.alertpay[.]com and https://secure[.]payza.com/login. Threatpost.com published this on May 21, 2013.

It may be noted that AlertPay is a payment processor based in Canada that is now a Payza unit, following its acquisition by the online-payment service in May 2012.

When a customer logs into his Payza account from an infected PC, Citadel applies the MitB code and changes every one of the fields that he is directed to fill in on the login web page. Citadel then adds a Personal Identification Number (PIN) field to Payza's login page. Users actually use this PIN whenever they want to withdraw, send or add funds, or make a payment. A cyber-crook who captures someone's PIN, password and e-mail can compromise that person's account and then carry out fraudulent transactions.
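The tampering described above, a PIN field appearing on a login form that normally has none, can be detected by comparing the fields of the rendered form with the set the site actually serves. The sketch below is an added example, not code from Trusteer or Payza; the field names, `EXPECTED_FIELDS` and both sample forms are assumptions constructed for illustration.

```javascript
// Baseline of the genuine login form (assumed names; the article does not list them).
const EXPECTED_FIELDS = new Map([
  ["email", "text"], ["password", "password"], ["csrf_token", "hidden"],
]);

// Read one attribute value from a tag's source text (double-quoted, single-quoted or bare).
function attr(tag, name) {
  const re = new RegExp(`\\s${name}\\s*=\\s*(?:"([^"]*)"|'([^']*)'|([^\\s>]+))`, "i");
  const m = re.exec(tag);
  return m ? (m[1] ?? m[2] ?? m[3]) : null;
}

// List the named controls in a serialized form (in a browser: form.outerHTML).
function extractFields(formHtml) {
  const fields = [];
  for (const [tag, el] of formHtml.matchAll(/<(input|select|textarea)\b[^>]*>/gi)) {
    const name = attr(tag, "name");
    if (!name) continue; // unnamed controls are never submitted
    const kind = el.toLowerCase();
    const type = kind === "input" ? (attr(tag, "type") || "text").toLowerCase() : kind;
    fields.push({ name, type });
  }
  return fields;
}

// Compare the rendered form against the baseline and report every difference.
function auditLoginForm(formHtml, expected = EXPECTED_FIELDS) {
  const seen = extractFields(formHtml);
  const seenNames = new Set(seen.map((f) => f.name));
  const unexpected = seen.filter((f) => !expected.has(f.name));
  const retyped = seen.filter((f) => expected.has(f.name) && expected.get(f.name) !== f.type);
  const missing = [...expected.keys()].filter((n) => !seenNames.has(n));
  const tampered = unexpected.length + retyped.length + missing.length > 0;
  return { unexpected, retyped, missing, tampered };
}

// Constructed samples: the form as served, and the same form with a PIN field added.
const CLEAN_FORM = `<form action="/login" method="post">
  <input type="hidden" name="csrf_token" value="constructed">
  <input name="email"> <input type="password" name="password">
</form>`;
const INJECTED_FORM = CLEAN_FORM.replace(
  "</form>", "<input type='password' name=PIN maxlength=4></form>");

console.log(auditLoginForm(CLEAN_FORM));
console.log(auditLoginForm(INJECTED_FORM));
```

Because MitB malware runs inside the browser and can alter page scripts as well, a check like this is one signal to report to the server, not a guarantee.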

According to Maor, financial services in developing nations face many security concerns: increasing use of cyber-cafes, PCs available for public use, and little Internet security awareness. When these factors occur in combination, the consequences are severe, he adds. Infosecurity-magazine.com published this on May 21, 2013.

MitB malware remains a severe risk for Internet-based financial services. Therefore, people should be watchful for new or dubious requests, even on trustworthy websites such as an Internet payment site or their bank's website, Maor concludes.